<?php
class Login extends Action {
	/*
	 * (non-PHPdoc) @see Action::execute()
	 */
	public function execute($params) {
		// 如果已经登录
		$data = array ();
		$I = whoami ();
		if ($I->signed) {
			Response::redirect ( ADMIN_URL );
		} else if (rqset ( 'login' )) {
			$account = rqst ( 'account' );
			$passwd = rqst ( 'passwd' );
			$captcha = sess_del ( 'need_check_captcha', false );
			$goon = true;
			if ($captcha) {
				$code = strtolower ( rqst ( 'captcha' ) );
				$code1 = sess_get ( '__CAPTCHA__', false );
				$timeout = sess_get ( '__CAPTCHA__TIMEOUT__', 0 );
				$time = time ();
				if ($time > $timeout) {
					$data ['error'] = '验证码已经超时.';
					$goon = false;
				} else if ($code !== $code1) {
					$data ['error'] = '验证码错误.';
					$goon = false;
				}
			}
			if ($goon) {
				$cuM = new CoreUserModel ();
				$where ['uname'] = $account;
				$where ['passwd'] = md5 ( $passwd );
				$user = $cuM->read ( $where );
				if ($user) {
					if ($user ['status']) {
						$data ['error'] = '账户已经被禁用.';
					} else {
						$user ['login_time'] = time ();
						$user ['login_ip'] = $_SERVER ['REMOTE_ADDR'];
						$user ['type'] = 'admin';
						sess_add ( '__CUR_USER__', $user );
						Response::redirect ( ADMIN_URL );
					}
				} else {
					$data ['error'] = '账户密码不匹配或账户不存在.';
				}
			}
			$data ['account'] = $account;
			$data ['passwd'] = $passwd;
			sess_add ( 'need_check_captcha', true );
		}
		$data ['site_name'] = CoreOptionModel::getOption ( 'site_name', 'CentIMS' );
		$data ['captcha'] = sess_get ( 'need_check_captcha', false );
		return new SmartyView ( $data, 'Login' );
	}
}